The International Business of Cybercrime

By the time it was under control, the recent global outbreak of the “WannaCry” “ransomware” virus had infected tens of thousands of computers in 150 countries around the world. The fast-moving cyberattack shut down hospitals in Britain, disrupted utilities in Spain and railways in Germany, and hit the private sector as well, including U.S. logistics giant FedEx.

The scope and speed of the attack show just how interconnected and fragile the infrastructure of global commerce is – to be so quickly disrupted by a virus that a simple software update could have blocked. It’s also a vulnerability that criminals are all too eager to exploit: International cybercrime is a booming international business.

In fact, says Europol’s 2016 Internet Organized Crime Assessment Report, the “increase in volume, scope and financial damage combined with the asymmetric risk that characterises cybercrime has reached such a level that in some EU countries cybercrime may have surpassed traditional crime in terms of reporting.”

While cybercrime also includes the activities of terrorists looking to take down public safety systems or that of spies hoping to steal national security secrets, much of the world’s cybercrime is motivated by pure profit. According to Verizon’s 2017 Data Breach Investigations Report, 73 percent of breaches are financially motivated and 51 percent of data breaches involve organized crime.

A few more facts about the business of cybercrime from Verizon’s report:

• • Financial firms were the industry sector most targeted by hackers.

24 percent of the victims of data breaches reported by Verizon in 2017 were at financial organizations, and the sector recorded 998 incidents last year, including 471 confirmed thefts of data. The most common crimes were thefts of customer passwords as well as the use of skimmers and cameras at ATMs. Also increasingly prevalent, along with the rise of apps like ApplePay, are “banking Trojans” – fraudulent apps that pose as legitimate ones and directly steal money from your bank account.

While hackers like to target banks (that’s where the money is, as the old saw goes), other popular targets include retailers (326 incidents), healthcare (458 incidents) and education (455 incidents).

• • Ransomware is increasingly common.

While ransomware viruses such as WannaCry have been around since 1989, says the Verizon report, their prevalence has dramatically increased along with their profitability. They are now the fifth most common type of malware attack, according to Verizon.

Most ransomware programs work like WannaCry, which encrypt victims’ computers and threaten to delete their files in the absence of a payment. You can think of them as a particularly malicious piece of e-commerce. According to Europol, ransomware viruses, including such widespread variants as Cryptowall, Cryptolocker and Locky, typically demand payment via the global crypto-currency Bitcoin and use the open-source software Tor, which enables anonymous Internet communication worldwide.

• • Espionage motivates a significant share of cybercrimes.

While profit is the number one motive for cybercriminals, espionage is also a common goal.

According to Verizon, 21 percent of all breaches in 2017 were related to espionage, including the overwhelming majority of breaches reported in the manufacturing sector. In fact, of the 620 incidents reported to Verizon among manufacturers, 94 percent were motivated by espionage, including primarily the theft of trade secrets.

The criminals engaging in this activity are often out to steal a competitor’s R&D, rather than invest in it themselves, or to grab closely guarded information on industrial processes, formulas for proprietary chemicals or plans for future products. Many of these actors might also be involved with foreign countries – the Verizon report finds that “state-affiliated actors” (e.g., North Korea or Russia) were involved in 18 percent of the data breaches reported in 2017.

While the rise of the Internet has been a boon for consumers and businesses worldwide, the parallel rise of cybercrime is a growing threat to the vitality of global commerce.

Fortunately, governments and businesses increasingly aware of the risks are fighting back. And with those efforts has come the creation of yet another global industry likely to gain much more future prominence: cybersecurity.